From: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162>
Date: Sat, 28 Mar 2009 18:01:29 +0000 (+0000)
Subject: char: Fix closing of various char devices (Jan Kiszka)
X-Git-Tag: xen-3.4.0-rc2~1^2~14
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=02d400ead71795123ac8580618de24e90df71154;p=qemu-xen-4.0-testing.git

char: Fix closing of various char devices (Jan Kiszka)

This patch fixes several issues around closing char devices. Affected
were pty (timer was left behind, even running), udp (no close handling
at all) and tcp (missing async IO handler cleanup). The bugs either
caused segfaults or stalled the qemu process. So far, hot-unplugging USB
serial adapters suffered from this.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@6912 c046a42c-6fe2-441c-8c8c-71466251a162
---

diff --git a/qemu-char.c b/qemu-char.c
index 1fd3aefe..64d41d0d 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -917,6 +917,8 @@ static void pty_chr_close(struct CharDriverState *chr)
 
     qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL);
     close(s->fd);
+    qemu_del_timer(s->timer);
+    qemu_free_timer(s->timer);
     qemu_free(s);
 }
 
@@ -1746,6 +1748,16 @@ static void udp_chr_update_read_handler(CharDriverState *chr)
     }
 }
 
+static void udp_chr_close(CharDriverState *chr)
+{
+    NetCharDriver *s = chr->opaque;
+    if (s->fd >= 0) {
+        qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
+        closesocket(s->fd);
+    }
+    qemu_free(s);
+}
+
 static CharDriverState *qemu_chr_open_udp(const char *def)
 {
     CharDriverState *chr = NULL;
@@ -1779,6 +1791,7 @@ static CharDriverState *qemu_chr_open_udp(const char *def)
     chr->opaque = s;
     chr->chr_write = udp_chr_write;
     chr->chr_update_read_handler = udp_chr_update_read_handler;
+    chr->chr_close = udp_chr_close;
     return chr;
 
 return_err:
@@ -1981,10 +1994,14 @@ static void tcp_chr_accept(void *opaque)
 static void tcp_chr_close(CharDriverState *chr)
 {
     TCPCharDriver *s = chr->opaque;
-    if (s->fd >= 0)
+    if (s->fd >= 0) {
+        qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
         closesocket(s->fd);
-    if (s->listen_fd >= 0)
+    }
+    if (s->listen_fd >= 0) {
+        qemu_set_fd_handler(s->listen_fd, NULL, NULL, NULL);
         closesocket(s->listen_fd);
+    }
     qemu_free(s);
 }